Hit the switch for internal security9 March 2022
When so much of military capability relies on secure networks, cybersecurity has become a priority, but internal threats – through human error or malicious activity – pose as much risk as any external attack. Product manager David Isola and lead federal business development manager Douglas Hayes of Black Box elaborate on how to secure military networks in a more flexible way.
Defence organisations are as well prepared as possible for external cyberattacks and have invested heavily in up-to-date security protocols. Internal threats, however, can be harder to counter, especially when operators are working on systems with different security classification levels. The human element is the hardest to control and predict when it comes to data protection.
This is why access to secure networks has traditionally involved stringent physical security measures. Until recently, bases often had only one or two places where such access was possible and these secure comms vaults lie behind 18-inch steel-reinforced concrete walls. Those accessing the Secure Internet Protocol Router Network (SIPRNet), for example, must undergo strict identity and authorisation checks, and are closely watched by two armed guards.
With the Secure KVM switches from Black Box, however, this could be a thing of the past. The switches prevent unauthorised access and cross-contamination of data between devices and networks, allowing users to switch between SIPRNet and the Non-classified Internet Protocol Router Network (NIPRNet) without risk.
“We can air gap in the same way but we can accomplish it in one room,” says Douglas Hayes, lead federal business development manager at Black Box.“Switches are typically built with copper wire, which can act as an antenna, which risks bleeding and emissions of data,” explains Black Box product manager David Isola. “We use optical diodes, so there is no noise between NIPR and SIPR. Many organisations have separate consoles for NIPR and SIPR, but someone might get on the wrong console. With KVM, they can sit at one console and switch between networks, so there is no time lost.”
Emerging from the vault
The need to deliver this flexibility, while maintaining the highest level of security, has become clear during the major conflicts in the last 20 years.“The war in Iraq and Afghanistan was the biggest impetus,” says Hayes. “Many people needed that secure access and you can’t have ten generals in one room along with all of the people tasked with handling secure internet protocols. So, it merged into something where you had a room for SIPRnet with 30 or 40 computers. There was a real risk of people cross-utilising non-secure and secure equipment, using USB sticks to cross-pollinate.”
Secure KVM opens up a host of new possibilities for the layout of a military comms operation.
“When I was in Iraq, we had five separate networks,” says Hayes. “I was encircled by computers. Now, the switches allow them all to be remoted and used through one console without any cross-contamination of data. Comms can work effortlessly without worrying about the human factor. The operator has better situational awareness and there is a distinct productivity gain.”
Sometimes computers are locked in secure rooms, then you can install a solution that adds signal extensions,” says Isola. “If there are multiple operators needing to exchange data then you can set up the switches in a matrix, with security around who can connect to what. It is a combination of technologies that can solve any challenge from a single operator to a large control room.”
Even in an open environment with many consoles, the switches will prevent a user from connecting an unauthorised USB device to pull files off a top-secret server or push information into the system. Security clearance is handled automatically through the system, which is certified by the National Information Assurance Partnership – a part of the National Security Agency.
Secure KVM is already in widespread use worldwide. Whether it is in large command and control centres in the Middle East for the monitoring of civilian and military air traffic across neighbouring states down to the Horn of Africa, in Nato bases across Europe or in the counter-terrorism departments of national police forces, the technology is protecting top secret information while improving the productivity of network users.
Be it for the army, navy or air force, in police applications, in commercial use by banks, educational institutions or healthcare facilities, Secure KVM hits the sweet spot between security and accessibility.
To find out more please click on this link to download the whitepaper on Meeting Cybersecurity Threats With Secure KVM Switches.